stay one step ahead of the criminal mind...endpoint sensors lightweight, discreet monitoring tools...

8
STAY ONE STEP AHEAD OF THE CRIMINAL MIND F-Secure Rapid Detection & Response

Upload: others

Post on 31-Dec-2020

3 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

STAY ONE STEP AHEAD OF THE

CRIMINAL MIND

F-Secure Rapid Detection & Response

Page 2: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

POST-COMPROMISE

PRE-COMPROMISEEffective pre-compromise threat prevention is the cornerstone of cyber security, but you can’t rely on preventive measures alone to keep your business and its data safe from the Tactics, Techniques and Procedures adversaries use in targeted attacks.

The continuously evolving threat landscape, along with regulatory demands such as GDPR, require companies to be prepared for post-compromise breach detection. That means ensuring a company is capable of rapidly responding to advanced attacks.

F-Secure’s Rapid Detection & Response solution, which is trained by an experienced threat hunting team, enables your own IT team or a certified service provider to protect your organization against advanced threats. With the backing of F-Secure’s world-class cyber security experts, your own IT specialists will be able to respond to incidents swiftly and effectively. Or by letting a service provider manage your organization’s detection and response operations, you can focus on your core business and rely on expert guidance whenever under attack.

PROTECT YOUR BUSINESS AND ITS DATA AGAINST ADVANCED ATTACKS

INTRO

ADVANCED THREAT PROTECTIO

N

VU

LNERABILITY

MA

NAgem

ent

co

nsu

lt

ing and assesment serv

ices

ENDPOIN

T

PROTECTION

2

Page 3: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

OVERVIEW

STOP TARGETED ATTACKS QUICKLY WITH GUIDANCEYou need both the best technology and the latest human expertise to shield your organization against advanced cyber threats.

F-Secure’s industry-leading Endpoint Detection & Response (EDR) solution gives you contextual visibility into advanced threats, enabling you to detect and respond to targeted attacks with automation and guidance.

When a breach occurs, you need more than just an alert. In order to plan the best response possible, you need to understand the specifics of the attack. Our Broad Context Detection™ mechanisms, together with certified service providers and built-in automation, will quickly stop the attack and provide actionable advice for further remediation actions

3

Page 4: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

F-Secure’s industry-leading technology at your service

1. Lightweight sensors deployed across endpoints monitor behavioral events generated by users, and stream them to our cloud in real-time.

2. Our real-time behavioral data analytics and Broad Context Detection™ mechanisms narrow down the data, distinguishing malicious behavior patterns from normal user behavior to quickly identify real attacks.

3. Alerts with visualized broad context and descriptive information about the attack makes confirming a detection easy, either by the F-Secure Partner or by your own IT team, with an option to elevate tough investigations to F-Secure.

4. Following a confirmed detection, the solution provides advice and recommendations to guide you through the necessary steps to contain and remediate the threat

HOW IT WORKS

4

Page 5: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

Detecting advanced threats by spotting the small individual events attackers trigger is like trying to find a needle in a haystack.

In a 325-node customer installation, our sensors collected around 500 million events over a period of one month. Raw data analysis in our back end systems filtered that number down to 225,000 events.

Suspicious events were further analyzed by our Broad Context Detection™ mechanisms to narrow down the number of detections to a mere 24. Finally, those 24 detections were reviewed in detail, with only 7 being confirmed as real threats.

Enabling IT and security teams to focus on fewer and more accurate detections results in faster and more effective response actions whenever under a real cyber attack.

LOOKING FOR A NEEDLE IN A HAYSTACK – A REAL WORLD EXAMPLE

HOW IT WORKS

500 MILLION

225 000

24

7

Data events / month

SUSPICIOUS EVENTS

DETECTIONS

REAL THREATS

Collected by 325 endpoint sensors

After real-time behavioral analysis of the events

After adding broader context to the suspicious events

After confirming detections as real threats

5

Page 6: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

DETECTION RESPONSEVISIBILITY

Gain immediate visibility into your IT environment and security status

• Improves visibility into IT environment and

security status through application and

endpoint inventory

• Identifies suspicious activity by collecting

and correlating behavioral events beyond

commodity malware

• Provides alerts with broad context

information and asset criticality, making

incident response easier

Protect your business and its sensitive data by detecting breaches quickly

• Detect and stop targeted attacks quickly to

minimize business interruptions and negative

brand impact

• Have the solution set up within hours,

allowing you to be ready for breaches

immediately

• Meet the regulatory requirements of PCI,

HIPAA, and GDPR that require breaches to be

reported within 72 hours

Respond swiftly with guidance and automation whenever under attack

• Built-in automation and intelligence help

your team focus only on real attacks

• Alerts include appropriate response

guidance, with an option to automate

response actions around the clock

• Overcome your skill or resource gap by

responding to attacks with a certified service

provider that is backed by F-Secure

BENEFITS

6

Page 7: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

Guided Response

Prepares you to deal with even the most advanced cyber attacks with your existing resources

• Built-in step-by-step response guidance and

remote actions to stop attacks

• Certified service providers guide and support

you through response actions

• Unique Elevate to F-Secure threat analysis

and expert guidance service backs you up

Automated Response

Reduce the impact of targeted cyber attacks by automating response actions around the clock

• Automated response actions based on

criticality, risk levels and predefined schedule

• Criticality and risk levels provided by the

solution allow prioritization of response

actions

• Contain attacks quickly even if your team is

only available during business hours

Endpoint Sensors

Lightweight, discreet monitoring tools designed to work with any endpoint protection solution

• Lightweight sensors are deployed on all

relevant computers within your organization

• Single-client and management infrastructure

with F-Secure’s endpoint security solutions

• The sensors collect behavioral data from

endpoint devices without compromising

users’ privacy

Broad Context Detection™

F-Secure’s proprietary detection technology makes understanding the scope of a targeted attack easy

• Real-time behavioral, reputational and big

data analysis with machine learning

• Automatically places detections into a

context visualized on a timeline

• Includes risk levels, affected host criticality

and the prevailing threat landscape

Application Visibility

Gaining visibility into your IT environment and security status has never been easier

• Identifies all harmful or otherwise unwanted

applications, and the foreign destinations of

different cloud services

• Leverages F-Secure’s reputational data to

identify potentially harmful applications

• Restricts potentially harmful applications and cloud

services even before data breaches happen

FOR A VIDEO GO TO

www.f-secure.com/RDR

FEATURES

7

Page 8: STAY ONE STEP AHEAD OF THE CRIMINAL MIND...Endpoint Sensors Lightweight, discreet monitoring tools designed to work with any endpoint protection solution • Lightweight sensors are

+

How do you detect a sophisticated attack? You make use of the most advanced analytics and machine learning technologies. But that’s not all. You’ve got to think like an attacker.

F-Secure’s security experts have participated in more European cyber crime investigations than any other company. With our experts’ fingers firmly on the pulse of the cyber attack landscape, you’ll stay up to date with the latest threat intelligence.

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers. Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

www.f-secure.com www.twitter.com/fsecure www.facebook.com/f-secure

A STEP AHEAD OF THE CRIMINAL MIND

ABOUT F-SECURE